IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Why Colin Powell no longer trusts email

Former US secretary of state was hacked, despite two-factor authentication

Email is an unsecure platform that's impossible to properly protect currently, former US secretary of state Colin Powell has claimed.

The US army general, who served under four presidents, including as secretary of state under the George W Bush administration, used his keynote speech at Citrix Synergy 21017 to admit to having had his emails hacked twice.

"I've been hacked twice and both times ... I've had double factor authentication, I've had all kinds of barriers in the way and they still got in and the forensics guys can't find out why," he told delegates. "So I had to change my lifestyle and go to fax machines, go to texts that are encrypted and use email strictly for housekeeping things.

"They keep giving me new things to do with my emails to protect it, but I no longer have confidence in being able to protect it." Powell didn't say when these hacks occurred nor how successful they were.

Indeed, fax has been the communication method of choice for Powell throughout his career, as he feels it's more secure.

As chairman of the joint chiefs of staff in 1991, he was responsible for the initiation and oversight of Operation Desert Storm. Speaking about when he gave the order to commence the conflict, he said: "We had one of the most perfectly secure means of doing it. Not something you might think of now, but it was the fax machine.

"I had a fax machine in my office, my executive assistant ran it, [my counterpart in the Gulf] had a fax machine in his office and his executive assistant ran it. And by using that secure, covered fax machine I knew that the order only went from one person to one person. It wasn't a cable that could spread around all over the organisation."

Powell also spoke of the importance of being reasonable and rational when it comes to organisations deciding what information should be kept secret and what should be treated more openly lest it prevent people from doing their jobs.

"One of the challenges we're all facing now [that] I faced when I became secretary of state, is how to make sure you have ... [a] system that is getting [information] to where it has to be when it's needed in order to be actionable," Powell said.

He said it's important to "triage" information treating as secret only the things that need to be secret.

"[You have to] make sure you're not cluttering the whole system by over-classifying things and by making sure that you have a system that will make that differentiation," he said.

Main image credit: Jane McCallion/IT Pro

Featured Resources

Accelerating AI modernisation with data infrastructure

Generate business value from your AI initiatives

Free Download

Recommendations for managing AI risks

Integrate your external AI tool findings into your broader security programs

Free Download

Modernise your legacy databases in the cloud

An introduction to cloud databases

Free Download

Powering through to innovation

IT agility drive digital transformation

Free Download

Most Popular

Salaries for the least popular programming languages surge as much as 44%
Development

Salaries for the least popular programming languages surge as much as 44%

23 Jun 2022
The UK's best cities for tech workers in 2022
Business strategy

The UK's best cities for tech workers in 2022

24 Jun 2022
LockBit 2.0 ransomware disguised as PDFs distributed in email attacks
Security

LockBit 2.0 ransomware disguised as PDFs distributed in email attacks

27 Jun 2022